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This listing of claims replaces all prior versions and listings of claims in the application: 
n;ca> - 1 i a 1 s 

1. i Carre \n emka > 1 eadald e < < oupp 

e i Ac eg 

v < iti up d; c ling access ) ei - ccess pro entr> 

las >l ^ Kd ^ - n > Tt <> group, 

user access data including user access data entries, a user access entry relating to 
n v \ the a< cess certi 1 * e 1 

c rntro p p as d 

bject access d vbidng; data aspect aae^ ca a o^ a;aobnae! 
access data entry relating to at least one entry in trie access control group data and 
u\l\ tunici lCCnSC io 

?\et 3 at c t < n } <. v e i - 

a L.n'p an .r> c of a user; 
receiving an indication of a data object; 

m cbra bt is. accesses! to J- v ecs s ! < ! , In alci dies 

fee indicated user; 

searching data object access data to identify a data object access data entry that 
id« o itlcs he ndica ed data objc c 

>o \ p n _ a < v - '< 1 j. ,p a t \i ix « a c Pun bed acccs. data 
\ h , i a s •» ; i 1 ^ . , k. 

and 

nahi pa, the aid .at c > o e 1 1 oa f obn^ <. c ed on the 
ou > d ed by da idei Hie s seen data entry b g i une 
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s vct v - , < i ,j jvlviu^.oir" i oer i . ^ i ' v n, t . ( ^ 
■access data entry* 

V _| U C Si. Q^ t v \ it _ _v_L.CS 

a> L < _ > _ ■ > 

access d ata relat ing to ibc at least ^ ne cr.li nc ! 

± ,lvU_^ - ^ s 1 i 1 i ^ _ ' j -v 

J? c\ 1 ! CI 1 \ f5 t v U- gS'OJp 

data. 
2-4.UhitKc!Ldl 

5. (Previously Presented) The medium, of claim f wherein at least one entry in the access 
i ! j i j < i i _ * i ' i ic es t so erminh 

at least one entry in the user access data relating to the at least one entry in the access 
control group data, and 

at least one entry in the data object data relating to the at least one entry in the access 
control group data. 

> ui , ,,| a t. I ~> I whv'c Joastnm \<m\ n >kuM 

< c uvs 1 s ! i s < s * data 

ohw 1 denied . • t " . « ore , , - .c < d.i\ioht.et access data, 

7. > v iousU \ Ki Ihe t indium of claim 1 wherein: 

at least one entr) in the use; access data includes an indication of action that is permitted 
io he performed by a user identified in the at least one entry in the user access data on a data 

ed cuV s div.-OL_ t inhJ^c^oi - u 1 i >v ' t^'^o 

entry m the data ohjecr access data relates to the at least one entry- in the use? access data. 
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- '..wvi. Resented) I iediu.ro of c tiro \ lerc i the atart >siio urthan 
uu s ! access rule s. including access i 1 i > rub entries, an access control ruk entry 
5 - to east one enlr> ecssco roan data 

P. | Previous?) Presented) flic loedsum of claim S wherein at least one entry in the access 
ded nei tie? ; dicauon a aenoi } s tied to he pcribroicu ibi e s one catr) 
if) the data object access data. 

10. (Previousiy Presented) The medium of claim 8 wherein at least one entry u the 
tuev ruk , , v UO e^ i w i< el n e i st sent, la , a ^ .a 
access data that relates to at least one entry in the access control group data. 

(I ented di - as ry in ■ the 

access in « a < a. ha- an indication of how to determine at least hk en try s the user access 
data: a elates < at «. =a >ne entry m Ik eecss ^.tcttu poap da1 

12 (PreuoiH ente t itwne aecesf ruonp 

d ita t >e uses access date . .,J t ic Oata ob act * ee^ d a i ate aea sera? i eh m< rot^ nabk ro u 
each other. 

13 :Ptcv;oosP Presented! The > el era exclaim ; ^ e'nool o esc-r access data 
id the da >bje ess data are sep tel> a arable! thei 

14. (Previously Presented) T he medium of claim 13 whereat a change in the aser access 
data does not necessitate a change its the data object access data lo mamtam desired control over 
access b\ particular aseo; to particular data objects 

is cv-oai > aic ? teo) 'ku^i u > i Dwhiu-on. v a ai^e r tla data oojevr 
uov> do*" o t^s- c w cbat ~e n tne ^er.iw. ^ i *n i mP i <. 

,ev^ v , hmse nr. c . i. selects. 
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ad i co^> m\ u<i 04 

control ru ta inelud ss c< le entries, an access 

nkciifv u v. V U , ■) ( v f *\ i 

trb u I >. t <k i 1 v ; v s e ! a < 1 o 
cbd ii'c m „ i c \u J u<n i . il x t J t\ 10 ai he t one crar\ < foe aceos uMttoi ride 
c i ! d f oeduH e a charac c for a ust \d identifying 

nse \\l m oe i u ou .e^s'ic * *. . >^ . 
iu t u i ! vKh\^ td p I >ri i ui' if v 

receiving an indication of a user; 
receiving an indication of a data object; 

i> ss( ita entry idt g a ch risdc method 

data entry; 

' - t- ^ v. J v. v v! - - K L > > >! ? 

data entry, the characteristic method data entry identifying a method to determine a 
characteristic for a user and identifying a method to determine the characteristic for a data 
object; 

Jo i i c ic j i v I v i iedv>0 to deionmne 

! i f !i i a e v v. t - o i eth data V.rueiure 

ve.i . o o. eo, o f k < u> c^k ' ' jit. s"^ < *v n.tdve m 
determine ok characteristic for the data object ideofofoa! h, foe characteristic method 
data structure; and 

x ; ee^ i ■ 1 i ub >inM to ! > e v.f - t 

object ci 

hi the data object 



1 iPrc\aai?;> foremen! h>. ock.m, a "-'5v tur he data e^oory fmther 
includes user data. 
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ii> u ^ ^ P u' '.a, Lie _ i U r h ^eie n at Seas! ^ era n 
least one entry in the user data. 



evioiisl i) The niedium ot e t 1 

access control rule < includes an V>< i of a criterion < use m Laminating a? hast one 
e,li\ hi'h, a^e u \ ^ ! _ v i >. j «e i i l ^ ' vi\ 

entry in the us .-rd len u< c methm etet e -« character^ 

>! > < i e tc\ d i 1 t l a i > u i lo 

includes data object data. 

22. (Previously Presented) The medium of claim 21 wherein at least one entry in the 

^ ! v v i \ ( , h i U ^ < v 

with at. least one entry in the data object data. 

Pre\ v 1 .-tit' whet east one entry m the 

t 1 a. U I,. l . i v > i a. ! is n-a^ h . ^svo'k 

e tMilen o' 1 * a awl en*- ig i ')a > ! \ ^ ^ - hi ! < « -« *t \t . 

24. (Previously Prest ua o 2 v a e i , lot ntn <s ^ 

a - t o i ^esa dvi>"i oi'r.T k e t t 
entry in the data obi eci data wliei as g the njeihxs t<> klcr. s oat wmcc c - atter.stir 



25. (P'vvo iolv P-'cseVe-l, V < ; • t o ^sn_. 
a data repository including: 
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. ess contu c vi'> i' fa s i It ui v a ess . uo entt o a ^< > - i n, p tmi 1 ) 
identifying an access control group, 

user access data including user access data entries, & user access entry relating to 
at least oi -e en in the access control group data and identifying a user and an access 
control group, and 

itao « cess di « < )bjt cess d; entric data abje« 
access data entry relating to at least one entry in the access control group data and 
I y oaf as eel and ocess c n 

u^*.<. u , C . - k' 1, <. \v a ed V O' n L V < C 

e" j • £;J ^ a eves 

receiving an indication of a data object; 

te - ac ss i to identif er access ta entry ti dentifies 

the (indicated user; 

oo' 1 iinVt, o>ioa cot sdata o a itify e object access data entry that 
identifies the , o c. \v nan; object; 

i u ! v _ ^ k < 

entry wi m access conn < vie ^ nib-, , l > e L 'n .os^ n« v 

;Snd : 

jo h j K t < s-a- s' ^ t e< r c i ^ tailored 

CONS s. i 1 ( n 1 i. v 'V s 

access cootie - u n t o access e-rts-' e o -> u ,v t .> t > , ^ u .< la , np , 
access data entry, 

p o " - ^ u ! v jp c rapr 
a data repository including: 

access control rule data including access control rale entries, an access control 
s dei van ciiaracie! c etbod d entry; ara 
ehauiCi^: o.n method data including c in. ^ie:au *, v ■ < , a ics, a 
characteristic method data entry relating to at least one entry in die access control rule 



da i nc ent ykig a mctho< o determine cl ira< st c for ass <! i entifying a 

hod 10 deters fee cl ri >ject; an 

\ c ! n c v execi d, pt i x , ( x s 

receiving an indication of a user: 
receiving an indication of a data object: 
ce&mg an ac e< ! > i si - ^ 1 i ^ > t t < 

data entry; 

ev> t u . s f i ^ d ! u ^ 1 v. O! 1 i <. 

lata cat th; era ctensm i da! cntrx identifying a method ru deteroiiue a 
ehai.aetetis'n l ; . i t o e k K i s . ^ u i a a 

object; 

u t < he user by perforn 1 to d i 

theckmnm ;t;e-brthe scs den's tied h\ thee ractensh mcrhud U structure; 

detenninhig the characteristic for the data object by performing the method to 
determine the characteristic for the data object identified by the characteristic method 
d ita strtjei e and 

M i 1 ~! e ' ^ ^ e^ «. I v> 

object conditioned on the characteristic for the user being the same as the characteristic 
for the data object. 

7 ,V oi M\v"k « ' x o v.i'i c io Kx l.j ™ iLtu 

c tens c J c prrs e method to deic ; the cha n i 

object, 

28 Pi cto! 3 reset ed) lemed m f claim 6 eremthe ns od t deten netJ 
he user rs i a e mciho sine the cha t U< 

object. 

29. (Previously Presented) The medium of claim 16 wherein the access control rule data 
1 c t e vdngafirs eh eris u 



sec»? d roi t f - - <■ - - > 

ifh d; la o?itr> 

30. (Previous ^ - - i he ir-trd-urn oi'da-rc H> v.neic c eh eris i xS 
, u u. nit k ss t j „un ^ 1 i ^ n ! t n v 

cbavu'o" k , . \i fa sconno /.lauo .~*r i 'i t' w! eaUei;^ Kk-tnus \ c . second 
method to determine a i tic for a usei ^ 1 i erent ihaii the second 

method. 

M ic i di ,< - jc . 1 ^ * v u «. » < v >^iwud 
datvunrltides a tlrs; ehans ethod c < 1 > •> - 1 a t r i 1l 

characteristie for a data object and a second characteristic method data entry identifying a second 
method ode! -rea<f n cttns «. > i oata beet v. vds h re; Afferent 1 the 

second method. 



